Are they trying to hide the version of Linux that the server is running on?
Or is the kernel that its showing mean that they aren't? Because when I type uname -a on my Linux box it shows I'm running Ubuntu. I'm just trying to figure if that's something they would want to keep secret for security reasons.

3 Answers
3

The output of uname is not designed to be cryptic; the reason it doesn't show what you consider useful information is that its purpose is to display machine and kernel identification, but not operating system identification. You can still generally guess the Linux distribution, because people who compile kernels tend to include some information in the kernel release name (uname -r) or version (uname -v) so that support people can tell if you're running an official kernel, and which. For example, here, .el is used by RHEL, and the version contains the compilation date.

There is no POSIX-level operating system identification, because most unices have a one-to-one mapping between kernel versions and operating system versions. This is not the case on Linux, where the same kernel is shared between multiple distributions, and even between multiple operating systems (GNU/X11/Apache/Linux/TeX/Perl/Python/FreeCiv , commonly known as “Linux” for short, but also Android and other less well-known systems).

Most Linux distributions have the lsb_release command these days. If yours doesn't, it's not for security purposes: there would be no point in trying to hide the distribution; if you can see files on the system, you can tell in all kinds of ways (by examining installed packages, comparing system files with known values and so on). The only information that would be specifically useful to an attacker is knowing what security holes exist, and that's not really a function of the distribution, it's a function of what security updates have or have not been applied (which, again, can be seen in all kinds of ways — including launching the exploit and hoping it works, so there wouldn't be any point in trying to hide it). A lack of lsb_release would be due to a lack of standardization: each distribution stores its version number in a different way.